87a139ccc88d46fd2c97a7984d1d36d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87a139ccc88d46fd2c97a7984d1d36d9_JaffaCakes118
Size

382KB
MD5

87a139ccc88d46fd2c97a7984d1d36d9
SHA1

e096df82afc20c93e203c487f539d99957a8a0cc
SHA256

fdc769a00b8d34e90d500ef889a1a0e4dbbb58e3b554ffd74cce40f8f51ec855
SHA512

badf8727ef4f3fb61d6125c6a42f9a5aab99a83b28e8b06910ceb08db23eb009b2c530fbc632e54ac009f0619579879be4735c0f97f414c16e720fcb0fe13a12
SSDEEP

6144:yOBdIPOmXk9hP9a+z55mZATAhDWz6Mi1/zTbc9766nGa/mLzsDa1AmdNDIGnCy5g:1BdUs9V9aE558AchD83i1Hbcp6hsm1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87a139ccc88d46fd2c97a7984d1d36d9_JaffaCakes118

Files

87a139ccc88d46fd2c97a7984d1d36d9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

327d76af57a259dedd562cadd1268ab5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadStringA

gdi32

GetTextCharsetInfo

advapi32

CloseServiceHandle

ole32

CoTaskMemFree

oleaut32

VarUI4FromStr

setupapi

SetupIterateCabinetA

comctl32

InitCommonControlsEx

Exports

Exports

setup

Sections

.text
Size: 373KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE